Latest PRISM disclosures shouldn't worry consumers

Sep. 5, 2013

The NSA can view more encrypted data than previously believed. / Shutterstock

by Byron Acohido, USA TODAY

SEATTLE - Should the latest disclosures of decrypting techniques used as part of the NSA's PRISM anti-terrorism surveillance program keep you awake tonight?

Only if you do not believe President Obama and NSA Director Army Gen. Keith Alexander that any and all spying techniques are used strictly in very narrow circumstances to target suspected foreign terrorists, under a federal court review process.

"The people who work on PRISM are working to protect us," says Tom Kellermann, Trend Micro's vice president of cybersecurity. "They don't care what movie you're going to or whether someone is cheating on his wife."

Among the disclosures made by The New York Times' review of 50,000 pages of documents, delivered by whistle-blower Edward Snowden, are references to the NSA using certain techniques to crack Virtual Private Networks and Secure Sockets Layer services.

VPNs and SSL are two basic technologies for encrypting Internet traffic moving from your browser to a Web server operated by a company network, financial firm or shopping site.

The documents show government snoops have the ability to tap into any VPN or break any SSL service to view consumer traffic in clear text, says Chris Wysopal, chief technology officer at application security firm Veracode.

Another striking disclosure: The NSA has taken steps to weaken certain kinds of encryption already known to be inherently weak.

"The big revelation is that the NSA is actually able to view more encrypted data than anyone thought," says Chris Petersen, chief technology officer at security analytics company LogRhythm. "What this will really do is put our adversaries on notice that they need to invest in stronger encryption. This really has no bearing on the average citizen."

Last July, Alexander told an overflow audience of several thousand tech-savvy attendees of the Black Hat cybersecurity conference that the PRISM program has helped the FBI stop 54 terrorist attacks in the U.S. and other nations.

And Alexander said Snowden's outing of documents showing techniques and strategies used by the NSA caused serious damage to the nation's anti-terrorism efforts. "Damage to our country is significant and irreversible," Alexander told the Black Hat audience. "What we're talking about is (deterring) future terrorist attacks."

In fact, all of the techniques disclosed by Snowden to date are widely known in the cybersecurity community and extensively used by data thieves, cyberspies and hacktivists.

"The ability to decrypt this traffic is well known, however there is no capacity or legal authority to monitor everyone's traffic," says Phil Lieberman, president of security firm Lieberman Software. "Only legally authorized targets are intercepted."

Adds Kellermann: "I wish the NSA had a monopoly on these techniques. Consumers should be more worried about the criminals of the world who have similar capabilities. The criminals are certainly not using these capabilities in a narrow way, and they're not going through any approval process."

"The average consumer has more to lose from malicious hackers and spammers out to score a quick buck than from government technologists," says Kothari. "The government is focused on hunting down would-be terrorists and criminals who are intending to disrupt the general welfare."

"This is a wake-up call that old security and encryption standards are outdated," says Zafar. "We need a new encryption standard. We can no longer sit on our laurels. Security is a changing game and we must come up with new strategies. The ball is in the entrepreneur's court."